diff --git a/servant-auth-cookie.cabal b/servant-auth-cookie.cabal
--- a/servant-auth-cookie.cabal
+++ b/servant-auth-cookie.cabal
@@ -1,5 +1,5 @@
 name:                servant-auth-cookie
-version:             0.3.1
+version:             0.3.2
 synopsis:            Authentication via encrypted cookies
 description:         Authentication via encrypted client-side cookies,
                      inspired by client-session library by Michael Snoyman and based on
@@ -32,7 +32,7 @@
                , bytestring
                , cereal         >= 0.5   && < 0.6
                , cookie         >= 0.4.1 && < 0.5
-               , cryptonite     >= 0.14  && <= 0.19
+               , cryptonite     >= 0.14  && <= 0.20
                , data-default
                , exceptions     >= 0.8   && < 0.9
                , http-types     >= 0.9   && < 0.10
@@ -59,7 +59,7 @@
                , blaze-markup   >= 0.7  && < 0.8
                , bytestring
                , cereal         >= 0.5  && < 0.6
-               , cryptonite     >= 0.14 && <= 0.19
+               , cryptonite     >= 0.14 && <= 0.20
                , data-default
                , http-media
                , mtl            >= 2.0  && < 3.0
@@ -90,7 +90,7 @@
                , QuickCheck     >= 2.4  && < 3.0
                , bytestring
                , cereal         >= 0.5  && < 0.6
-               , cryptonite     >= 0.14 && <= 0.19
+               , cryptonite     >= 0.14 && <= 0.20
                , data-default
                , deepseq        >= 1.3  && < 1.5
                , hspec          >= 2.0  && < 3.0
@@ -112,7 +112,7 @@
   build-depends: base           >= 4.7     && < 5.0
                , bytestring
                , criterion      >= 0.6.2.1 && < 1.2
-               , cryptonite     >= 0.14    && <= 0.19
+               , cryptonite     >= 0.14    && <= 0.20
                , servant-auth-cookie
                , servant-server >= 0.5     && < 0.9
   if flag(dev)
diff --git a/src/Servant/Server/Experimental/Auth/Cookie.hs b/src/Servant/Server/Experimental/Auth/Cookie.hs
--- a/src/Servant/Server/Experimental/Auth/Cookie.hs
+++ b/src/Servant/Server/Experimental/Auth/Cookie.hs
@@ -36,6 +36,7 @@
 
   , ServerKey
   , mkServerKey
+  , mkServerKeyFromBytes
   , getServerKey
 
   , AuthCookieSettings (..)
@@ -49,7 +50,10 @@
   , addSession
   , addSessionToErr
   , getSession
-
+  
+  -- exposed for testing purpose
+  , renderSession
+  
   , defaultAuthHandler
   ) where
 
@@ -176,6 +180,16 @@
   -> m ServerKey       -- ^ New 'ServerKey'
 mkServerKey size maxAge =
   ServerKey size maxAge `liftM` liftIO (mkServerKeyState size maxAge >>= newIORef)
+
+-- | Constructor for 'ServerKey' value using predefined key.
+mkServerKeyFromBytes :: MonadIO m
+  => ByteString     -- ^ Predefined key
+  -> m ServerKey    -- ^ New 'ServerKey'
+mkServerKeyFromBytes bytes =
+  ServerKey (BS.length bytes) Nothing `liftM` liftIO (newIORef (bytes, timeOrigin)) 
+  where
+    -- we don't care about the time as the key never expires
+    timeOrigin = UTCTime (toEnum 0) 0
 
 -- | Extract value from 'ServerKey'.
 getServerKey :: MonadIO m
diff --git a/tests/Main.hs b/tests/Main.hs
--- a/tests/Main.hs
+++ b/tests/Main.hs
@@ -7,24 +7,26 @@
 
 module Main (main) where
 
-import Control.Concurrent (threadDelay)
-import Crypto.Cipher.AES (AES256, AES192, AES128)
-import Crypto.Cipher.Types
-import Crypto.Hash (HashAlgorithm, SHA512, SHA384, SHA256)
-import Crypto.Random (drgNew)
-import Data.ByteString (ByteString)
-import Data.Default
-import Data.Proxy
-import Data.Serialize (Serialize)
-import Data.Time
-import GHC.Generics (Generic)
-import Servant.Server.Experimental.Auth.Cookie
-import Test.Hspec
-import Test.QuickCheck
-import qualified Data.ByteString as BS
+import           Control.Concurrent                      (threadDelay)
+import           Crypto.Cipher.AES                       (AES128, AES192,
+                                                          AES256)
+import           Crypto.Cipher.Types
+import           Crypto.Hash                             (HashAlgorithm, SHA256,
+                                                          SHA384, SHA512)
+import           Crypto.Random                           (drgNew)
+import           Data.ByteString                         (ByteString)
+import qualified Data.ByteString                         as BS
+import           Data.Default
+import           Data.Proxy
+import           Data.Serialize                          (Serialize)
+import           Data.Time
+import           GHC.Generics                            (Generic)
+import           Servant.Server.Experimental.Auth.Cookie
+import           Test.Hspec
+import           Test.QuickCheck
 
 #if !MIN_VERSION_base(4,8,0)
-import Control.Applicative
+import           Control.Applicative
 #endif
 
 main :: IO ()
@@ -67,6 +69,12 @@
       sk <- mkServerKey keySize Nothing
       k  <- getServerKey sk
       BS.length k `shouldNotBe` (keySize `div` 8)
+  context "when creating a new server key from data" $
+    it "has data as server key" $ do
+      let bytes = "0123456789"
+      sk <- mkServerKeyFromBytes bytes
+      k  <- getServerKey sk
+      k `shouldBe` bytes
   context "until expiration" $
     it "returns the same key" $ do
       sk <- mkServerKey 16 Nothing
